
Modeling Requests among Cooperating Intrusion Detection Systems (2000)  (4 citations)
Peng Ning, X. Sean Wang, Sushil Jajodia
Computer Communications




 
View or download:
ncsu.edu/faculty/ning/pubs/query.ps
ncsu.edu/~pning/pubs/query.ps

From: ncsu.edu/faculty/ning/vitae

Abstract: It is important for intrusion detection systems (IDSs) to share information in order to discover attacks involving multiple sites. However, no framework exists for an IDS to request from and send to another IDS data relevant to specific events. The lack of such a framework may result in a waste of processing time, storage capacity and network bandwidth. This paper proposes a formal framework modeling requests among the cooperating IDSs. To show wide applicability, the paper explores the use of...

Context of citations to this paper:

...it is limited to occur between the adjacent levels of the hierarchy and in AAFID, it is allowed only within a host. Ning et al. [11, 12] recognize the importance of the querying facility in cooperative intrusion detection systems. They propose an extension to the common...

Cited by:
A Framework for Distributed Intrusion Detection using.. - Gopalakrishna, Spafford (2001)
Intrusion Detection: A Bibliography - Mé, Michel (2001)
Abstraction-based Intrusion Detection in Distributed.. - Ning, Jajodia, Wang (2001)

Similar documents (at the sentence level):
6.5%:   A Query Facility for Common Intrusion Detection Framework - Ning, Wang, Jajodia (2000)

Active bibliography (related documents):
0.3:   SHOMAR: An Open Architecture for Distributed Intrusion .. - Undercoffer, Perich..
0.3:   Lightweight Agents For Intrusion Detection - Helmer, Wong, Honavar, Miller (2000)
0.3:   Intrusion Confinement by Isolation in Information Systems - Liu, Jajodia, McCollum (2000)

Similar documents based on text:
1.0:   A Data Mining and CIDF Based Approach for.. - Lee, Nimbalkar.. (2000)
0.9:   Building Adaptive and Agile Applications Using.. - Loyall, Pal, Schantz, .. (2000)
0.7:   Intrusion Detection Inter-component Adaptive Negotiation - Feiertag, Benzinger.. (1999)

Related documents from co-citation:
5:   Abstraction-based misuse detection: High-level specifications and adaptable strate.. - Lin, Wang et al. - 1998
4:   Intrusion Detection Intercomponent Adaptive Negotiation - Feiertag, Benzinger et al. - 1999
4:   EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances - Porras, Neumann - 1997

BibTeX entry:

P. Ning, X. S. Wang, and S. Jajodia. Modeling requests among cooperating intrusion detection systems. Computer Communications, 23(17):1702--1716, 2000. http://citeseer.ist.psu.edu/ning00modeling.html

@article{ ning00modeling,
  author = "Peng Ning and Xiaoyang Sean Wang and Sushil Jajodia",
  title = "Modeling requests among cooperating intrusion detection systems",
  journal = "Computer Communications",
  volume = "23",
  number = "17",
  pages = "1702--1716",
  year = "2000",
  url = "citeseer.ist.psu.edu/ning00modeling.html",
  url = "http://citeseer.nj.nec.com/ning00modeling.html" }

Citations (may not include all citations):
132   EMERALD: Event monitoring enabling response to anomalous liv.. - Porras, Neumann - 1997
105   State transition analysis: A rule-based intrusion detection .. - Ilgun, Kemmerer et al. - 1995
63   An architecture for intrusion detection using autonomous age.. - Balasubramaniyan, Garcia-Fernandez et al. - 1998
58   A pattern matching model for misuse intrusion detection - Kumar, Spafford - 1994
48   Classification and Detection of Computer Intrusions - Kumar - 1995
44   Implementing a generalized tool for network monitoring - Ranum, Landfield et al. - 1997
42   A First Course in Database Systems - Ullman, Widom - 1997
38   Cooperating security managers: A peer-based intrusion detect.. - White, Fisch et al. - 1996
36   Detecting disruptive routers: A distributed network monitori.. - Bradley, Cheung et al.
22   Abstraction-based misuse detection: High-level specification.. - Lin, Wang et al. - 1998
15   A common intrusion detection framework - Kahn, Porras et al. - 1998
8   Holding intruders accountable on the internet - Staniford-Chen, Heberlein
7   A common intrusion specification language - Feiertag, Kahn et al. - 1998
7   A Guide to the SQL standard: a user's guide to the standard .. - Date, Darwen - 1997
7   GrIDS - a graph based intrusion detection system for large n.. - Staniford-Chen, Cheung et al. - 1996
7   The common intrusion detection framework architecture - Porras, Schnackenberg et al. - 1998
5   Communication in the common intrusion detection framework - Kahn, Bolinger et al. - 1998
5   Open infrastructure for scalable intrusion detection - Reilly, Stillman
4   Intrusion detection and response research at DARPA - Lunt, McCollum - 1999
2   CIDF APIs: Their care and feeding - Tung - 1998
1   Extending CIDF to support queries - Ning, Wang et al. - 1999
http://www.ietf.org/html.charters/idwg-charters.html

Documents on the same site (http://www.csc.ncsu.edu/faculty/ning/vitae.html):
Abstraction-based Intrusion Detection in Distributed.. - Ning, Jajodia, Wang (2001)
Discovering Calendar-based Temporal Association Rules - Li, Ning, Wang, Jajodia (2001)
An Algebraic Representation of Calendars - Ning, Wang, Jajodia (2001)
